Posted on 07/01/2019 8:16:13 AM PDT by Swordmaker
New Mac malware in the wild evades security software, researchers
Roger Fingas for AppleInsider:
Newly uncovered Mac malware is not only in the wild, but trying to avoid detection by security researchers, according to one such firm.
Dubbed “CrescentCore,” the malware comes as it usually does —in the form of a DMG file pretending to be an Adobe Flash Player installer, Intego said. If someone launches its contents, the software will check to see if it’s running inside a virtual machine — a way researchers often quarantine their subjects.
The malware also checks for several popular antivirus tools, and if it detects them, will simply stop running. If there’s nothing in the way one version will install “LaunchAgent,” described as a “persistent infection,” while another will install either “Advanced Mac Cleaner” or a Safari extension.
The team at Intego has observed OSX/CrescentCore in the wild being distributed via numerous sites. Mac users should beware that they may encounter it, even via seemingly innocuous sources such as Google search results.
The new malware was first observed linked from a site purporting to share digital copies of new comic books for free—one of many shady sites that flagrantly violates U.S. copyright laws.
Potentially harmful download links are commonly found on digital piracy sites that claim to offer download links for cracked copies of software, popular movies, and other copyrighted content that cannot be legally obtained for free. It is quite common for links on such sites to send users to malware, scams, or both.
And how much did your Apple TV cost you, if you don’t mind my asking?
I kicked it to the curb about a decade ago
Imagine paying $30,000 for their new pc and $5,000 for the monitor and $999 for the stand to have it all come crashing down due to some malware because the person did not buy any anti spyware/virus program for $50
It’s not so much the loss of equipment, it’s losing the data.
Must be Netflix and other TV sites.
Not at all. $150. This is the HD version. The 2K version is more. Typical of Apple to makes life easier for the user. My wife is not super techie and it makes it a lot easier for her. Comes with a voice controlled remote that uses Siri. A number of streaming services are free with ads. For example Tubi and Pluto. Like this because it gives competition to Netflix, Sling, and Prime who charge and still force ads. We are using Philo for streaming cable shows. YouTube is pretty good and is free with minor interruptions for ads.
Correction: Netflix doesn’t have ads. But there is a monthly fee of $11.00. Philo is $16 per mo.
There is an app for Fox News but most of the shows are recorded and rebroadcast on YouTube.
Someone still uses flash?
So did Apple... if I recall, but I probably should have said the first company to kick it to the curb.
I've been getting the pop-ups to "update flash" for weeks on my Mac Mini. I think (I hope) that I've avoided them successfully. Nevertheless I am concerned about how to tell if a Mac is infected with this cretinous shite. I have users with Macs who run Flash...
(And confession: I run Flash Player, too, I have to for certain dayjob-related things I do, sigh.)
So,... my question is, which tool(s) can tell me if a Mac has this malware on it? and which tool(s) can get rid of it?
Thanks in advance.
“Someone still uses flash?”
Two things I use. The camera viewer on my home security system (SimpliSafe) and my legacy Windows 7 games (mahjong, spider, minesweeper, hearts and freecell). I’m not giving them up!
The one I’d trust would be Malwarebites. . . You just have to run it once.
If you HAVE to run Flash, always install it and updates from the REAL ADOBE WEBSITE.
Okay, MWB it is, thanks.
What I don't recall is whether I clicked on the pop-up version weeks ago before I saw the pattern. Might have.... I'll let'cha know, as it will be notable -- the first infection I've gotten on my own computer (of any kind) in two decades, and the first EVER on a Mac. And if so, in such a n00b-like self-inflicted manner. Fingers crossed...
What about a custom build as this :
[PCPartPicker Part List](https://pcpartpicker.com/list/TV7yJ8)
Type|Item|Price
:——|:——|:——
**CPU** | [AMD - Ryzen 3 2200G 3.5 GHz Quad-Core Processor](https://pcpartpicker.com/product/RkJtt6/amd-ryzen-3-2200g-35ghz-quad-core-processor-yd2200c5fbbox) | $91.99 @ Amazon
**CPU Cooler** | [Cooler Master - Hyper T2 54.8 CFM Sleeve Bearing CPU Cooler](https://pcpartpicker.com/product/FNXfrH/cooler-master-cpu-cooler-rrht228pkr1) | $23.98 @ SuperBiiz
**Motherboard** | [ASRock - B450 Pro4 ATX AM4 Motherboard](https://pcpartpicker.com/product/PCKcCJ/asrock-b450-pro4-atx-am4-motherboard-b450-pro4) | $79.89 @ OutletPC
**Memory** | [G.Skill - Aegis 16 GB (2 x 8 GB) DDR4-3000 Memory](https://pcpartpicker.com/product/FNprxr/gskill-aegis-16gb-2-x-8gb-ddr4-3000-memory-f43000c16d16gisb) | $59.99 @ Newegg
**Storage** | [Patriot - Burst 240 GB 2.5” Solid State Drive](https://pcpartpicker.com/product/9xtQzy/patriot-burst-240gb-25-solid-state-drive-pbu240gs25ssdr) | $26.99 @ Amazon
**Case** | [Cougar - MX330 ATX Mid Tower Case](https://pcpartpicker.com/product/vYp323/cougar-mx330-atx-mid-tower-case-mx330) | $39.90 @ Amazon
**Power Supply** | [Corsair - CX (2017) 450 W 80+ Bronze Certified ATX Power Supply](https://pcpartpicker.com/product/Q7L7YJ/corsair-cx-2017-450w-80-bronze-certified-atx-power-supply-cp-9020120-na) | $41.89 @ OutletPC
**Keyboard** | [Logitech - K120 Wired Standard Keyboard](https://pcpartpicker.com/product/MwsKHx/logitech-keyboard-920002478) | $8.88 @ OutletPC
**Mouse** | [Kensington - Pro Fit Wired Laser Mouse](https://pcpartpicker.com/product/WNGj4D/kensington-mouse-k72323ww) | $2.99 @ Amazon
| *Prices include shipping, taxes, rebates, and discounts* |
| Total (before mail-in rebates) | $418.50
| Mail-in rebates | -$42.00
| **Total** | **$376.50**
| Generated by [PCPartPicker](https://pcpartpicker.com) 2019-07-01 23:10 EDT-0400 |
bump
YouTube works just fine using HTML five.
I don’t run anything that requires Java and it’s one less entry vector for a potential virus to leverage against me.
ok thanks, maybe I’ll look into stopping java altogether- my family likes watching youtube vids (for learning about things like gardening, eating healthy etc- sp they enjoy it- I never looked into dishing java because of that- but looks like I’ll be able to- and didn’t even realize it- thanks-
Where is the assembly labor, clerical time to order and purchase, not to mention handling costs for the rebates, then amortized warranty expense, and future support in those figures? Where is the price of the Windows 10 Pro costs? Did you ignore the part of the specification from my client “name brand”? No, nothing in your list meets that very specific specification that a BUSINESS requires for an order for 10 reliable BUSINESS computers, not some home computers in which the user does his own maintenance.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.